Yifan Ivan Zhang

YIFAN“IVAN”ZHANG

265Bryantstreet,Malden,MA02148 |857-300-8963|PublicProfile: n kedin.com/in/Yifan Z hang1989

EDUCATION
NortheasternUniversity,Boston,MA Collegeof ComputerandInformationScience
Candidatesfora MasterofScienceinInformationAssurance / Expectedgraduation: / Dec.2017

RelatedCourses:FundamentalofInformationAssurance,ComputerSystemSecurity,NetworkSecurityPractice,

SoftwareVulnerability,Foundationsof ComputerNetwork,ComputerForensics,RiskManagement

UniversityofTasmania,Tasmania,Australia

BachelorofInformationSystemandManagement, June.2012

ShanghaiOceanUniversity,Shanghai,China

BachelorofManagement June.2012

TECHNICALKNOWLEDGE

Languages:HTML,JavaScript,CSS,C#,Python,PowerShell

OperatingSystems:Windows7, Linux(Redhat,Ubuntu,KaliandCentOS)

SecurityTools:Wireshark,Zenmap,NetworkWitnessInvestigator,Metasploit,Nessus,Webscarab,Snort DevelopmentTools:Pycharm,Python2.7/3.0,TFS,Git,SVN,VisualStudio,SQLServer,Unity5.5. Certification:Oracle10gprofessional(OCP);SharePoint2010(70-573)

WORKEXPERIENCE

FederalReserveBankofBoston,Boston,MA,USA Jan.2017–Aug.2017

ApplicationDeveloper(Coopintern)

DevelopedHoloLensmix-realityapplicationto visualizeNewEnglandeconomicdata (C#,Unity,Blender)

DevelopedARbasedmoneybillrecognitionprogramonAndroidsmartphone(C#,Unity,Vuforia)

Fixedthe“ClickJacking”vulnerabilitiesfor severalweb applications.

Fixedthe“SlowHttp”vulnerabilitiesfor severalwebapplications.

Developeda SSISprogramtoprocesscomplexdatainSQLserver(C#,SQLserver)

DevelopedanapplicationtosafelytransferlocalfilestotheFTPserver(C#)

Optimizeda criticalFedapplicationperformanceanddecreasedtheloadingtimefrom20sto1 s(C#,SQLserver)

MaintainedseveralFedapplicationsincludingbugfixand newfeatureimplementation

StandardChartedBank,Shanghai,China

SeniorSharePointEngineer Dec.2014–June.2015

Developeda companyregulationmanagementanddisseminationsystem(C#,.NET,JQuery)

MaintainedSCB’sonlineaccountopeningsystemsincludingbugfixandnewfeatureimplementation

Reviewedteammember’scodeandassignedtaskseveryweek

CognizantTechnologySolutions,Shanghai,China

ProgramAnalyst June.2012–Dec.2014

Developed50+portalsitesofdifferentcountriesforMerckbyusingSharePoint.

Developedchangemanagementsystemandits workflowforXeroxbyusingSharePoint

ACDEMICPROJECTs

NortheasternUniversity,Boston,MA Sept.2015-present

EthicalHacking(Reconnaissance,Scanning,ExploitandMitigation)

LeveragedNmap,Metasploitto gatherattackinfo, findandattacktargetmachine

AppliedtheMitigationsolutions.

Securityvulnerabilityexploitation

ImplementedtheSQLinjection,Bufferoverflow,Sessionhijackattack

ImplementedtheXSS,XSRF,andARPspoofingattack

RiskAnalysisforCognizantTechnologySolutions

AssessedCognizantTechnologySolutionssecuritycontrolrisksagainstNISTstandard

Proposedriskmitigationadvicebasedonthecost-effectiveanalysis.

SnortIDSConfiguration

ConfiguredSnorttoblocksomespecialpacketsinournetwork

Blockedremoteaccess;BlockedunwantedDNSpacketsetc.

CDNImplementation

Wrote aPythonbasedHTTPserverandDNSserver;DesignedCDNstrategy

Wrotescriptstomanageup-to20AWSServers

RawSocket(ImplementTCP/IPProtocol,python)

WrotePythondownloadsoftware

ImplementedTCP/IPProtocol(composeddatagramsanddecodeddatagramsinlowerlevel)